In this video from ITFreeTraining I will look at the two basic types of encryption that
are used in computing. I will also look at how these two types of encryption can be used
together in order to improve performance and security. These fundamentals will help you
deploy encryption later on and improve your understanding of how certificates work.
In today's environment, encryption is an important part of computing. In order to keep
your files secure and have secure communication you need to use encryption. Encryption is
the process of taking data and encoding it into a form that cannot be read by unauthorized
people. There are two types of encryption schemes that are used. These are symmetric
key and public key encryption. First of all I will start with Symmetric key as this is
the easiest to understand. Symmetric key encryption uses the same key
to encrypt data as to decrypt data. This generally makes it faster than public key encryption.
The problem with this method of encryption is in order for data to be decrypted, the
key must be available. This causes two problems. The first problem is the key needs to be stored
securely. If an attacker were to gain access to this key they could decrypt any data that
key was used to encrypt. It is common for Symmetric keys to be stored in a safe place
and only accessed when required. The next problem is if another party needs
to decrypt the information. In order for this to occur, a secure channel needs to be used
to transfer the key. For example, a common practice is for the key to be transferred
using the telephone. Public key encryption uses two keys, a public
and private key. To illustrate, imagine that two people want to communicate with each other.
In between them is a 3rd party that is trying to eavesdrop on their conversation.
With traditional encryption that uses the same key, the problem is getting the key to
the second party without the 3rd party obtaining the key. With public key encryption, the public
key is required to encrypt traffic however it does not need to be secured. If a 3rd party
was to obtain the public key, they would not be able to decrypt any data that was encrypted
using it. In order to decrypt the data you require a
private key. The private key does need to be stored securely, but the advantage is the encryption
can occur without the private key. This means the private key never needs to be transferred
and thus there is no chance that it can be intercepted by a 3rd party.
You may wonder exactly how a system like this can work. The mathematics behind it are complex
and beyond the scope of this video, but I will give you a summary of how it works. When data
is encrypted using the public key it is done in a way where there is a large number of
possible solutions available. In order to decrypt the data, you would need to test every
single solution until you find the right one. Although possible, depending on how big the
key is that is being used, the process could take 100 years. If you have the private key,
the private key adds enough information to the puzzle so that there is only one solution.
It is kind of like having a prize behind a series of numbered doors. If you know which
door the prize is behind, it is easy to find the prize. Without this information, you are
forced to try every door or choose one at random. Public Key Encryption is generally slower
when compared with Symmetric key encryption and thus even though it has advantages over
Symmetric key, you will find that, for reasons of performance, Symmetric key will be used
instead of Public Key Encryption. Like a lot of things in computing, it comes down to a
tradeoff between performance and security. In order to get a good mix of performance
and security it is possible to combine Public Key Encryption with Symmetric key encryption.
In some cases, Public Key Encryption is used to exchange keys and Symmetric key used to
encrypt the data. The principle is that a strong algorithm with a large key should be
used to encrypt the key. Public Key encryption is very useful to perform key exchanges securely.
Once the key exchange is performed, another encryption algorithm can be used that is faster
and uses a smaller key. This could be another Public Key Encryption algorithm or a symmetric
key algorithm. The next use of Public Key encryption with
symmetric keys is to protect the symmetric key. Encryption, like Windows file Encryption,
uses a symmetric key that is stored in the file. To protect the symmetric key, it is
encrypted using a public key. This gives you a fast algorithm for encrypting files and
keeps the key safe. Encryption systems like BitLocker use simpler methods. This is why
when you reformat a computer or delete a user you may lose access to encrypted files. The
new OS or user does not have the private keys that were associated with the user or OS
that are required to access the symmetric key.
For these reasons, symmetric key encryption is often used when performance is required.
Public Key Encryption is used when you do not want to have decryption occur without
the private key. You will find that some systems combine the two to give multiple users access.
For example, Windows File Encryption uses a combination of both encryption types so
that multiple users, including recovery users, can access the symmetric key. When multiple
users require access, the symmetric key is simply encrypted multiple times with each
of the public keys required. It should be pointed out that either method
can meet the needs of data encryption and communication, but combining the two does
often give a good tradeoff between performance and security.
Thanks for watching this video from ITFreeTraining. For the latest videos please feel free to
subscribe. Thanks and see you next time.
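
The combined scheme described in the video, where data is encrypted once with a symmetric key and that key is then encrypted separately with each user's public key, is shown here as an added example that is not part of the original video. It uses Node.js's built-in crypto module; the choice of AES-256-GCM and RSA-OAEP, the recipient names and the sample data are assumptions made for illustration and do not reproduce the Windows File Encryption format.

```javascript
// Added example (not from the video): hybrid encryption with one symmetric
// data key wrapped under several public keys. Names and data are constructed.
const nodeCrypto = require('node:crypto');

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Encrypt the data once with a random AES-256-GCM key, then wrap that key
// separately under each recipient's RSA public key.
function sealForRecipients(plaintext, recipients) {
  const dataKey = nodeCrypto.randomBytes(32); // symmetric key for this data only
  const iv = nodeCrypto.randomBytes(12);      // GCM nonce, never reused with the same key
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', dataKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrappedKeys = {};
  for (const [name, publicKey] of Object.entries(recipients)) {
    wrappedKeys[name] = nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, dataKey);
  }
  return { iv, ciphertext, tag: cipher.getAuthTag(), wrappedKeys };
}

// Unwrap the data key with one recipient's private key, then decrypt the data.
function openAs(name, privateKey, envelope) {
  const wrapped = envelope.wrappedKeys[name];
  if (!wrapped) throw new Error(`no wrapped key for ${name}`);
  const dataKey = nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', dataKey, envelope.iv);
  decipher.setAuthTag(envelope.tag); // decryption fails if the data was modified
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
}

// Constructed demo: a user and a recovery user can both read the data;
// someone holding an unrelated private key cannot unwrap the data key.
function demo() {
  const newPair = () => nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const alice = newPair(), recovery = newPair(), outsider = newPair();
  const envelope = sealForRecipients(Buffer.from('quarterly payroll data'),
    { alice: alice.publicKey, recovery: recovery.publicKey });
  let outsiderFailed = false;
  try {
    openAs('alice', outsider.privateKey, envelope);
  } catch {
    outsiderFailed = true;
  }
  return {
    alice: openAs('alice', alice.privateKey, envelope).toString(),
    recovery: openAs('recovery', recovery.privateKey, envelope).toString(),
    wrappedKeyBytes: envelope.wrappedKeys.alice.length,
    outsiderFailed,
  };
}
```

Only the 32-byte data key goes through the slow public key operation, once per recipient, while the data itself is encrypted a single time with the fast symmetric algorithm. Losing every private key that wraps the data key leaves the data unrecoverable, which is the situation the video describes after a reformat or a deleted user.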